1. Field of the Invention
This invention pertains to the field of electronically readable personal identification and commercial transaction cards and more particularly relates to identification cards having a digital storage medium such as a mag-stripe encoded with a first reference data element uniquely identifying the storage medium on the particular card, a second reference data element identifying a unique physiological biometric aspect of the individual identified by the card, and prefereably a third reference data element representative of graphics or text displayed on the face of the card. The individual reference data elements may be encrypted in a combined encoded data element by means of an encoding algorithm, thereby to better secure the individual reference data elements against retrieval and possible illicit use by unauthorized parties.
2. State of the Prior Art
Electronically readable cards in various forms have come into widespread and rapidly increasing use for diverse purposes. In general, such cards serve to identify the bearer to persons such as security guards and electronic systems such as electronically controlled gates and automatic bank teller terminals (ATMs) and for purposes of this disclosure such cards are referred to as ID cards. ID cards may take the form of employee badges and electronic key cards for gaining physical access to restricted premises or mass transit systems, financial transaction cards such as bank credit and debit cards, or documents issued by a governmental entity such as driver licenses and passports.
Typical ID cards are rectangular sheets of laminated plastic imprinted with visually readable personal identification indicia which may include alphanumeric text with or without graphics such as a photograph of the card owner. These visually readable indicia are intended to identify the card owner to other persons without use of intervening card reader machines, and permit visual verification of the card user's appearance against the photograph on the card, and verification of the name printed on the card against other records, such as the name of a bank account owner by a bank teller, for example.
Identification cards have long been equipped with magnetic stripes to make the cards machine readable so as to expedite transactions and at the same time to make the cards more difficult to duplicate. However, the advent of low cost and readily available technology has made these so called mag-stripe cards relatively easy to counterfeit.
A relatively recent development aiming for increased security against counterfeit ID cards is disclosed in a series of patents issued to Ronald S. Indeck, including the following U.S Patents which are generally referred to as the Indeck patents in this specification:
536558611/94 54085054/9554286836/9555464628/96558765412/96 56256894/9757402444/98
The Indeck patents disclose a method by which the magnetic storage stripe on each card may be uniquely identified by reading minute random variations in the distribution and orientation of magnetic particles along the surface of the magnetic stripe. The magnetic stripes consist of fine particles of magnetic material bound in a plastic matrix. When examined on a sufficiently small scale it is found that the distribution of the magnetic particles is random. This random distribution can be read as an electronic signal or noise in a suitably modified card reader, and the signal serves as a unique fingerprint of a particular magnetic stripe element. The microstructure of a selected portion of the card's magnetic stripe can be represented in digital form, i.e. digitized, and stored on the card's magnetic stripe, thereby enabling authentication of the card as the true original distinguishable from, for example, a fraudulent card imprinted and magnetically encoded with the same information as the original but having a magnetic stripe with a different microstructure. U.S. Pat. No. 6,098,881 issued to DeLand, Jr, et al., and entitled Magnetic Stripe Card Verification System hereafter the DeLand patent, advances Indeck's invention by providing practical enabling technology designed to implement Indeck's invention in practical mag-stripe card readers. The technology disclosed in the Indeck patents and the DeLand, Jr. patent thus enables verification of a given card's authenticity with a high degree of confidence.
The Indek/DeLand, Jr. technology, if implemented in a mag-stripe card reader, can verify with a relatively high degree of assurance that a given mag-stripe card was legitimately issued by tying a given digital data storage element, i.e. a given mag stripe element, to a particular plastic card embossed and imprinted with the legitimate card owner's personal information. However, the existing technology fails to ensure that the person presenting the card at a transaction site is the legitimate owner of the card by tying the physical card to a single physical person with a comparable degree of assurance. Consequently, a much lower degree of confidence exists with regard to the identity of the person presenting a card at a transaction site. Existing cards seek to verify the identity of a card user by providing a photograph or a signature of the authorized card owner. Both of these means can be circumvented, often with little difficulty. Commercial credit and bank cards usually have no photograph because it is too difficult to obtain verifiable photographs of millions of card users. While the cards provide for the user's signature, this is often left blank or is not checked by the vendor. Also, an increasing number of transactions take place at unattended card terminals where visual comparison of photographs and signatures are not and cannot be made.
A continuing need exists for improvements in personal identification cards whereby a particular mag-stripe card can be positively associated with only one physical person and is made secure against fraudulent use by an impersonator.
Another shortcoming of present card technology is its reliance upon card verification against an off-site, remote data base, typically via a telephone line connection and even over communications satellite links. In the case of major credit cards the card data verification data base is typically hosted by a mainframe computer at a central or regional data processing center. In more localized applications, such as access control at large plant facilities or airports, many card readers are connected to a central computer for card verification and control. The need for remote card verification and transaction authorization substantially increases the cost of card based systems and also slows card based transactions because of communications delays and off-site data processing times.
Consequently, a need also exists for mag-stripe card readers and transaction terminals capable of highly reliable yet fully local verification of both card authenticity and user identity so as to facilitate implementation of widely distributed card based systems at lower cost while also speeding card based transactions.